Cookies – what are they and what are the rules for business websites using them?

The use of cookies (and we don’t mean the sugary kind) is now common place among websites the world over. So what are they and what do you need to know about them? And as a business, what are the rules around using them?

What are cookies?

In simple terms, internet cookies are hidden files that a website can place on a visitor’s computer or device. They can record detailed information about how someone behaves online – remembering who they are, what they like and what they have done previously.

HowStuffWorks describes them as: ‘A cookie is a piece of text that a web server can store on a user’s hard disk. Cookies allow a web site to store information on a user’s machine and later retrieve it.’

Cookies can track when a visitor lands on a website and monitor what they do once there. When that visitor returns, this information can then be used to tailor their experience, automatically tweaking a site to match their preferences.

Cookies that are placed by a website itself are called ‘first party cookies’ and those set by other websites who run content on a website are known as ‘third party cookies’. A website will only be able to get information that has placed onto a visitor’s machine. It cannot retrieve anything from other cookie files, or other information stored on the device.

Why use them?

The use of cookies is widespread and one major benefit to businesses is that they can help provide valuable and very detailed information on the behaviour of site visitors. The data collected can be used to create a more tailored, personal and enjoyable experience – which is all good when it comes to building a rapport with a target audience and potential customers. They can also have a practical use, storing usernames and passwords, making the whole process easier.

If you’re not sure whether your company website currently uses cookies, then think if it includes any of the following features or functions, as they all use cookies:

· A blog/content management system such as WordPress

· A website analytics program such as Google Analytics

· Google AdSense and/or AdWords

· Facebook, Twitter, Google+ or other social media “like” buttons or plugins

· A shopping basket

If you already use, or are considering using Lead Forensics to help accelerate your lead generation, then you don’t need to worry about cookies. The software doesn’t use them, it only uses IP tracking to identify the web visitors that are coming to your site.

UK cookie rules

There are strict rules around the use of cookies in the UK. While most firms use them fairly and responsibly, new legislation was introduced in 2012 to help combat those who were overusing them, or abusing the system – for example by using cookies that track online activity across the whole internet, not just on the website they came from.

This EU legislation required websites to get active consent from visitors (for example by ticking a pop up when they first land on a site). However, the guidelines have since been revised and now instead of having to get explicit consent like that, it is ok for websites to assume that visitors have implied consent by their use of the site. To do this websites must have a very clear and obvious Cookies Policy in place that is easy to find and understand. It must tell people that the site uses cookies and explain exactly what the cookies do and why.

US cookie rules

Across the pond in the US there are no such rules.

According to an article by Technology Science, Google tracks individuals online more than any other company aside from a user’s Internet Service Provider. They add: ‘Hundreds of third-party hosts also track users, and under the current self-regulatory regime, it is up to users to investigate these companies’ privacy policies and decide whether to use the websites.’

While there may be less regulation in the US, companies need to check that they are complying with EU rules if their services are in any way associated with European markets. Three key issues come into play here, which may mean the rules will apply:

· The location of the company that owns the website is the first consideration.

· The second is where the company’s website servers are located.

· And thirdly, who the intended audience of the website is. Who is it aiming at, where are they based in the world?

Organisations can find out more about their obligations and how to comply, including protecting personal information, from the ICO’s website.

The future

Issues of data protection, privacy and online security remain top priorities across the globe. But technology never sits still. New developments are happening all the time, including in the way cookies are used and how people’s online activity is monitored.

As a business, it is your job to stay on top of the regulations. Make the most of any technology that can help you strengthen your own marketing and do everything you can to provide a safe, enjoyable online experience for new and existing customers.